iprange_parse() was incomplete and did not include parsed ranges into ipt_iprange_info structure resulting in always adding range 0.0.0.0-0.0.0.0 in the kernel. Moreover, when using --dst-range, error messages may display --src-range instead. Fix this too. Signed-off-by: Vincent Bernat <bernat@xxxxxxxx> --- extensions/libxt_iprange.c | 8 +++++--- 1 files changed, 5 insertions(+), 3 deletions(-) diff --git a/extensions/libxt_iprange.c b/extensions/libxt_iprange.c index b28a635..55a2f84 100644 --- a/extensions/libxt_iprange.c +++ b/extensions/libxt_iprange.c @@ -108,7 +108,8 @@ static int iprange_parse(int c, char **argv, int invert, unsigned int *flags, if (invert) info->flags |= IPRANGE_SRC_INV; iprange_parse_range(optarg, range, NFPROTO_IPV4, "--src-range"); - + info->src.min_ip = range[0].ip; + info->src.max_ip = range[1].ip; break; case '2': @@ -122,8 +123,9 @@ static int iprange_parse(int c, char **argv, int invert, unsigned int *flags, if (invert) info->flags |= IPRANGE_DST_INV; - iprange_parse_range(optarg, range, NFPROTO_IPV4, "--src-range"); - + iprange_parse_range(optarg, range, NFPROTO_IPV4, "--dst-range"); + info->dst.min_ip = range[0].ip; + info->dst.max_ip = range[1].ip; break; default: -- 1.7.0.4 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
